Vulnerability Details CVE-2015-8096
Integer overflow in Google Picasa 3.9.140 Build 239 and Build 248 allows remote attackers to execute arbitrary code via unspecified vectors related to "phase one 0x412 tag," which triggers a heap-based buffer overflow.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.103
EPSS Ranking 92.9%
CVSS Severity
CVSS v2 Score 10.0
References
- http://packetstormsecurity.com/files/134084/Google-Picasa-Phase-One-Tags-Processing-Integer-Overflow.html
- http://secunia.com/secunia_research/2015-3/
- http://www.securityfocus.com/archive/1/536761/100/0/threaded
- http://packetstormsecurity.com/files/134084/Google-Picasa-Phase-One-Tags-Processing-Integer-Overflow.html
- http://secunia.com/secunia_research/2015-3/
- http://www.securityfocus.com/archive/1/536761/100/0/threaded